Optimization Guide - ESET Knowledgebase
Transcription
Optimization Guide - ESET Knowledgebase
Virtual Environment Optimization Guide Contents Getting started......................................................................1 Software components.............................................................1 Section 1: Purchasing and downloading your software...............1 1.1 Getting your software........................................................ 1 Section 2: ESET Remote Administrator......................................1 Section 3: Creating a template................................................ 2 Section 4: Configuring a default policy..................................... 2 4.1 Checking into Remote Administrator.................................2 4.1.1 Updating from a mirror server..........................................2 4.2 Disable automatic updates at logon..................................3 4.3 Startup Scan priority.........................................................3 4.4 Exclude virtual machine tools and files..............................3 4.5 Minimum logging verbosity..............................................4 4.6 Disable the ESET graphical user interface...........................4 4.7 Save your virtual machine template...................................4 4.8 Startup Scan priority........................................................4 Section 5: Staggering scheduled tasks..................................... 4 Virtual Environment Optimization Guide Copyright © 2011 ESET, spol. s r.o. All rights reserved. No part of this documentation may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise without written permission from the author. ESET, spol. s r.o. reserves the right to change any of the described application software without prior notice. REV.20110808-001 Getting started Tips and tricks... Protecting your virtual environment with ESET NOD32 Antivirus and ESET Smart Security is simple and straightforward. While our products protect your virtual machine right out of the box, this guide will help optimize the performance of your virtual enterprise installation while minimizing the amount of individual setup required. The ESET Virtual Environment Optimization Guide enables you to rapidly generate a virtual machine template with a preconfigured ESET security solution and then deploy it to workstations. Because you’ll be using ESET Remote Administrator to manage your virtual machines, be sure to read the ESET Remote Administrator Basic Setup Guide and refer to it as necessary throughout this process. Software components You will need at least one virtual machine to act as a template starting point. Create this machine using the virtualization solution of your choice, such as VMware, Citrix or Microsoft Terminal Server. For detailed steps on creating a new virtual machine, please view the documentation included with your virtualization software. You will also want to have your ESET installation packages ready, which you will find in the next section. Section 1: Purchasing and downloading your ESET software. The first step in protecting your virtual environment is to purchase the ESET software components mentioned above. Keep in mind that each virtual machine requires one license, so make sure to purchase enough licenses to cover all of your virtual machines. If you have not already purchased an ESET security product, please select a link below, based on how many workstations you have: 1 - 15 workstations 16 - 2000 workstations More than 2000 workstations Download the companion guide: ESET Remote Administrator Basic Setup Guide http://www.eset.com/us/resources/manuals/ERA_Basic_ Setup_Guide.pdf KB connection Check the ESET Knowledgebase for more info: Licensing FAQ (Business Users) http://kb.eset.com/esetkb/ index?page=content&id=SOLN2667 What do I do with my ESET security product license files? http://kb.eset.com/esetkb/ index?page=content&id=SOLN2253 Username and password examples: Username: EAV-12345678 Pasword: 1a2bc3defg 1.1 Getting your software After purchasing your ESET security product, click the link below to visit the ESET Download Center and download your software: http://www.eset.com/download/ Click I have already purchased ESET software, take me to my download button. Click the Business Downloads tab and click the Download button beside ESET NOD32 Antivirus 4 or ESET Smart Security 4. You will also need to download ESET Remote Administrator Server and ESET Remote Administrator Console installation package. Section 2: ESET Remote Administrator ESET Remote Administrator allows your virtual machines to check in and report to one convenient spot, making it a critical tool for managing your virtual environment. If you already have ESET Remote Administrator installed on a virtual machine (or computer of your choice), you can skip to the next section of this guide. If you need help installing and configuring ESET Remote Administrator, please download and follow our ESET Remote Administrator Basic Setup Guide. The Basic Setup Guide will walk you through the installation and configuration of ESET Remote Administrator. Click the link below to download the guide: KB connection Check the ESET Knowledgebase for more info: What is authentication data (username and password) and what is its purpose? http://kb.eset.com/esetkb/ index?page=content&id=SOLN373 KB connection Check the ESET Knowledgebase for more info: How do I update ESET Remote Administrator with a new license file? http://kb.eset.com/esetkb/ index?page=content&id=SOLN540 http://www.eset.com/us/resources/manuals/ERA_Basic_Setup_Guide.pdf The ESET Remote Administrator Basic Setup Guide will also assist you in creating a mirror server, which gives your virtual machines a central spot to download virus signature database updates from without bogging your network down with redundant downloads. 1 Section 3: Creating a template Installing and configuring ESET NOD32 Antivirus or ESET Smart Security on a template now will save you hours of work later. You will be able to save this virtual machine’s configuration as a template and deploy it anytime you need a new machine. When creating a new virtual machine, make sure you allocate enough recourses to meet the minimum system requirements of ESET security products (400MHz, 256MB RAM). With your template machine open, install ESET NOD32 Antivirus or ESET Smart Security, just as you would with a regular computer. Run the downloaded installation file from Section 1, named eavbe_nt32_enu.msi or essbe_nt32_enu.msi. Follow the installation wizard, selecting options you would like to include in your template. Figure 3-1: installing your ESET software For step-by-step directions on installing your ESET security product, please click one of the Knowledgebase links below: Installing ESET NOD32 Antivirus Installing ESET Smart Security After your ESET security product is installed and functioning correctly on your virtual machine, continue to Section 4 to optimize your settings. Section 4: Configuring your template Now you’re ready for the important part: Configuring your template to make it suitable for deployment. 4.1 Checking into Remote Administrator Your ESET security solution can report important information and status updates to ESET Remote Administrator. To do so, your client must be properly configured to check into ESET Remote Administrator. Follow the steps below, using your template machine and freshly installed copy of ESET NOD32 Antivirus or ESET Smart Security. 1. Open the main program window by clicking the ESET icon next to the system clock or by clicking Start > All Programs > ESET > ESET Smart Security or ESET NOD32 Antivirus. Figure 4-1: Remote administration setup window 2. Press the F5 key on your keyboard to enter the Advanced Setup menu. 3 Click the Remote administration section from the Setup tree on the left, under the Miscellaneous section. 4. Select the Connect to Remote Administrator server check box on the right side of the Setup menu. You will also need to enter the Server address and the Port (if changed from default) where ESET Remote Administrator is running. KB connection Check the ESET Knowledgebase for more info: What is ESET Remote Administrator? 5. If the Remote Administrator server requires authentication, enter that password by selecting the check box at the bottom of the page. http://kb.eset.com/esetkb/ Your client will check in with ESET Remote Administrator at the next connection interval. How do I install ESET Remote Administrator 4.1.1 Updating from a mirror server index?page=content&id=SOLN814 If you will be using a mirror server to update your clients, now is a good time to add that information. The following steps are also done from the Advanced Setup menu, where you left off in the previous step. If you have already left the Advanced Setup menu, press F5 on your keyboard to reopen it. 1. Click Update from the Advanced Setup tree on the left. 2. Click the Edit... button in the Update settings for selected profile box. 3. Add the appropriate mirror server location and click Add. Click Ok and then select the mirror from the drop-down menu to use your new mirror server as your main Update server. With your client checking into ESET Remote Administrator and updating from a mirror server, you are now ready to configure some of the options and functionality to optimize system performance. 2 index?page=content&id=SOLN189 and configure a Mirror server? http://kb.eset.com/esetkb/ 4.2 Disable automatic updates at logon If you are in a situation where many virtual machines are turned on at the same time, multiple clients updating simultaneously may overwhelm your network. The best solution is to disable automatic updates at logon. Your machines will still update when needed will avoid the initial rush at logon. Follow the steps below to disable automatic updates at logon: 1. Open the main program window by clicking the ESET icon next to the system clock or by clicking Start > All Programs > ESET > ESET NOD32 Antivirus or ESET Smart Security. 2. If you see the message Display: Standard mode in the lower left corner, toggle to Advanced mode by clicking Change... or by pressing CTRL + M on your keyboard. 3. From the main menu, click Tools > Scheduler to open the Scheduler/Planner window. 4. Deselect the Automatic update after user logon (Launch time: User logon) checkbox. Return to the main program window and leave it open. You have a couple more steps to do before your template is ready to be saved. Figure 4-2: the Scheduler window KB connection Check the ESET Knowledgebase for more info: Can I change the frequency of virus signature updates? (4.x) http://kb.eset.com/esetkb/ index?page=content&id=SOLN2117 Why does my automatic system startup scan take an unusually long time to complete? 4.3 Startup Scan priority http://kb.eset.com/esetkb/ index?page=content&id=SOLN2475 Similar to the issue avoided in section 4.2, changing the Startup Scan priority can be helpful with larger networks that have multiple virtual machines. When you first logon to Windows, your ESET security product will run a Startup Scan to check for malicious software. This configuration change will still run the Startup scan, but will wait to do so until there are available CPU resources. Follow the steps below to set the Startup Scan priority to When Idle. 1. From the main menu, click Tools > Scheduler to open the Scheduler/Planner window. 2. Select System startup file check (User logon) from the list and click Edit.... 3. Click Next four times and then click Finish. 4. In the Automatic startup file check window, select When idle from the Scan priority drop-down menu. Figure 4-3: the Scan priority setting drop-down menu 5. Click OK. Your system will now run the startup scan only when the CPU is idle. Quick Links 4.4 Exclude virtual machine tools and files Exclusion information: Scanning system files, and in this case, the virtual machine software, can occasionally cause stability issues. To prevent this, we recommend that you manually exclude any such files from the Antivirus and antispyware scanning engine by following the steps below. Hyper-V Exclusions: http://technet.microsoft.com/en-us/library/ dd283088(WS.10).aspx 1. Press the F5 key on your keyboard to display the Advanced Setup window. 2. From the Advanced Setup tree, click Exclusions (under the Antivirus and antispyware section) and then click the Add... button. VMware View: http://www.vmware.com/files/pdf/VMwareView-AntiVirusDeployment-WP-en.pdf Citrix Exclusions: http://support.citrix.com/article/CTX127030 3. The Add exclusion window will be displayed. Using the directory tree, browse for the folder or file you wish to exclude. The directory path will automatically display In the Exclusion: field. Click OK to save the exclusion. Different virtualization solutions have different files that you should exclude. Please review your virtualization documentation to add the appropriate files to the exclusion list or check the Quick Links area to the right. Figure 4-4: the exclusions list 3 4.5 Minimum logging verbosity If you plan on disabling the graphical user interface in section 4.6, it is important that you have the correct logging verbosity selected. Without the GUI, you’ll have to rely on information sent from the client to ESET Remote Administrator. 1. Press the F5 button on your keyboard to enter the Advanced setup window. 2. From the menu tree on the left, click Log files, found under the Tools section. 3. Make sure the Minimum logging verbosity is set to Informative records. Figure 4-5: the minimum logging verbosity setting If the logging verbosity is set too high, your network may experience issues with clients reporting too much information. If verbosity is set too low, it will be hard to determine possible issues with your clients. The Informative records setting offers a good compromise: keeping you informed while keeping data transmission to a minimum. 4.6 Disable the ESET graphical user interface For this next step, we highly recommend reading the Knowledgebase article linked below for more information. Disabling the GUI is for advanced users only. After disabling EGUI.exe, your ESET security solution will run without a graphical user interface. This saves system resources, but must be managed using ESET Remote Administrator. KB connection Check the ESET Knowledgebase for more info: How do I disable the graphical user interface (egui.exe)? http://kb.eset.com/esetkb/ index?page=content&id=SOLN2340 Warning - Please read the following article before proceeding to step 1: http://kb.eset.com/esetkb/index?page=content&id=SOLN2340 1. Click Start > Run (Windows Vista users: Click Start, type Run and press ENTER). 2. Copy and paste or type the following string into the command line field and click OK: REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v egui /f After restarting your virtual machine, your ESET security product will silently load and run without a graphics user interface. Figure 4-6: the Windows Run window 4.7 Save your virtual machine template If you skipped section 4.6 and did not restart your virtual machine, please restart it now. Save your virtual machine template using your virtualization software. You may also want to install other software packages commonly used on virtual machines you deploy. You now have a preconfigured, ready-to-deploy image any time you need a new machine. New deployed machines will run without the GUI (if step 4.6 was followed), check into ESET Remote Administrator and receive updates from your mirror server. KB connection Check the ESET Knowledgebase for more info: Section 5: Staggering scheduled tasks If you plan on scheduling tasks or On-demand scans and would like to prevent each client from scanning at the same time, you must make groups in ESET Remote Administrator Console using Tools > Group Manager. After creating groups, use Policy Manager assign specific tasks to each group. Policy manager will allow you to create custom configurations on a per-group basis. By default, ESET Smart Security 5 does not include a scheduled On-demand scan, so staggering scans will be unnecessary. If you need to stagger other tasks for any reason, please refer to the ESET Remote Administrator User Guide for details. Creating a scheduled scan using ESET Remote Administrator http://kb.eset.com/esetkb/ index?page=content&id=SOLN717 ESET Remote Administrator Installation Manual and User Guide Figure 5-1: Static Groups in ERAC 4